
ComboFix 09-11-03.03 - Jordan 11/04/2009 18:40.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3583.3104 [GMT 10:00]
Running from: c:\documents and settings\Jordan\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Jordan\Desktop\CFScript.txt
FILE ::
"c:\documents and settings\Jordan\Local Settings\Application Data\NetMailTmp.bin"
"c:\documents and settings\NetworkService\Local Settings\Application Data\NetMailTmp.bin"
"c:\windows\system32\SET2B0.tmp"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\andrewja@home.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\chris@barking-dog.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\cliffe@counter-strike.net.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\comercial@havasinteractive.es.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\coyote@eudoramail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\crinity@email.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\D_Mike@soneramail.nl.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\digichaos@hotsheep.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\DMike@nmtrix.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\dv@btinternet.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\fps_jordan@hotmail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\fragged101@yahoo.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\glenc@hotsheep.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\gooseman@counter-strike.net.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\heavengame@yahoo.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\hobbit@bellatlantic.net.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\Hobbit@nodream.net.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\ido@dnai.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\jean_dupond@hotmail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\joe_smith@hotmail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\jogi@netads.de.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\jseward@acm.org.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\kildong_hong@mail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\lmuur@dlc.fi.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\macmaninfi@aol.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\MEEEEDIC@gmx.net.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\mlr32@cam.ac.uk.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\mspss@gto.net.om.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\mts@lebanon-online.com.lb.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\mushroomz_meow@hotmail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\N0TH1NG@mailcity.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\narby@counter-strike.net.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\soporte@havasinteractive.es.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\stecnico@ea.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\tekninentuki@europe.ea.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\tyr@barking-dog.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\velcrospud@hotmail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\wilder@cleanweb.net.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\witchdawn@hotmail.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\wowtech@blizzard.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\Loc.Mail.Bron.Tok\zaphod@mapcore.com.ini
c:\documents and settings\Jordan\Local Settings\Application Data\NetMailTmp.bin
c:\documents and settings\Jordan\Local Settings\Application Data\Ok-SendMail-Bron-tok
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\andrewja@home.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\chris@barking-dog.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\cliffe@counter-strike.net.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\comercial@havasinteractive.es.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\coyote@eudoramail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\crinity@email.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\D_Mike@soneramail.nl.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\digichaos@hotsheep.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\DMike@nmtrix.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\dv@btinternet.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\fps_jordan@hotmail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\fragged101@yahoo.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\glenc@hotsheep.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\gooseman@counter-strike.net.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\heavengame@yahoo.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\hobbit@bellatlantic.net.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\Hobbit@nodream.net.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\ido@dnai.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\jean_dupond@hotmail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\joe_smith@hotmail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\jogi@netads.de.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\jseward@acm.org.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\kildong_hong@mail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\lmuur@dlc.fi.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\macmaninfi@aol.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\MEEEEDIC@gmx.net.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\mlr32@cam.ac.uk.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\mspss@gto.net.om.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\mts@lebanon-online.com.lb.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\mushroomz_meow@hotmail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\N0TH1NG@mailcity.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\narby@counter-strike.net.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\soporte@havasinteractive.es.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\stecnico@ea.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\tekninentuki@europe.ea.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\tyr@barking-dog.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\velcrospud@hotmail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\wilder@cleanweb.net.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\witchdawn@hotmail.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\wowtech@blizzard.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok\zaphod@mapcore.com.ini
c:\documents and settings\NetworkService\Local Settings\Application Data\NetMailTmp.bin
c:\documents and settings\NetworkService\Local Settings\Application Data\Ok-SendMail-Bron-tok
c:\windows\system32\SET2B0.tmp
.
((((((((((((((((((((((((( Files Created from 2009-10-04 to 2009-11-04 )))))))))))))))))))))))))))))))
.
2009-11-03 09:42 . 2009-11-03 09:42 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Threat Expert
2009-11-03 08:19 . 2009-11-03 08:19 -------- d-----w- c:\documents and settings\Jordan\Application Data\Malwarebytes
2009-11-03 08:19 . 2009-09-10 04:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-03 08:19 . 2009-11-03 08:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-03 08:19 . 2009-09-10 04:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-03 08:19 . 2009-11-03 08:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-01 09:42 . 2009-11-01 09:42 -------- d-----w- c:\program files\LanSchool
2009-10-31 13:00 . 2009-10-31 13:00 -------- d-----w- c:\documents and settings\Jordan\Local Settings\Application Data\Threat Expert
2009-10-31 12:25 . 2009-10-31 12:25 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-29 07:43 . 2009-10-29 07:43 -------- d-----w- c:\program files\Youtube Downloader HD
2009-10-28 09:58 . 2009-10-28 10:02 63 ----a-w- c:\documents and settings\Jordan\jagex_runescape_preferences2.dat
2009-10-28 09:57 . 2009-10-28 10:01 38 ----a-w- c:\documents and settings\Jordan\jagex_runescape_preferences.dat
2009-10-27 07:43 . 2009-10-27 07:43 -------- d-----w- c:\windows\.jagex_cache_32
2009-10-27 07:40 . 2009-10-27 07:40 -------- d-----w- c:\program files\Java
2009-10-27 07:24 . 2009-10-27 07:24 -------- d-----w- c:\windows\Sun
2009-10-27 07:23 . 2009-10-27 07:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-26 07:17 . 2009-10-26 07:17 148784 ----a-w- c:\windows\system32\lsk_iblk.dll
2009-10-26 07:17 . 2009-10-26 07:17 66352 ----a-w- c:\windows\system32\lskhook64.dll
2009-10-26 07:17 . 2009-10-26 07:17 75056 ----a-w- c:\windows\system32\lskhook.dll
2009-10-25 06:18 . 2009-10-25 06:18 2285056 ----a-w- c:\windows\system32\TUKernel.exe
2009-10-25 04:16 . 2009-10-25 04:16 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-10-25 04:16 . 2009-07-15 01:48 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-10-25 04:16 . 2009-10-25 04:16 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-10-25 04:16 . 2009-10-25 04:16 -------- d-----w- c:\documents and settings\Jordan\Application Data\TuneUp Software
2009-10-25 04:16 . 2009-10-25 04:16 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-10-25 04:16 . 2009-10-25 06:11 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-25 04:13 . 2009-10-25 04:13 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-10-25 03:04 . 2009-10-25 03:04 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-10-25 03:04 . 2009-10-25 03:04 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-25 03:04 . 2009-10-25 03:04 -------- d-----w- c:\documents and settings\Jordan\Application Data\SUPERAntiSpyware.com
2009-10-25 03:03 . 2009-10-25 03:03 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-24 22:45 . 2009-10-24 22:45 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Mozilla
2009-10-20 11:56 . 2009-10-08 01:31 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-10-20 11:56 . 2009-10-08 01:31 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-10-20 11:56 . 2009-10-08 01:31 1636304 ----a-w- c:\windows\PCTBDCore.dll
2009-10-20 11:56 . 2009-10-08 01:31 767952 ----a-w- c:\windows\BDTSupport.dll
2009-10-20 11:56 . 2009-10-02 04:19 1152470 ----a-w- c:\windows\UDB.zip
2009-10-20 11:56 . 2008-11-26 02:08 131 ----a-w- c:\windows\IDB.zip
2009-10-20 11:48 . 2009-09-23 22:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-10-20 11:48 . 2009-10-06 06:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-10-20 11:48 . 2009-09-23 06:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-20 11:48 . 2009-09-02 23:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-10-20 11:48 . 2009-10-20 11:56 -------- d-----w- c:\program files\Common Files\PC Tools
2009-10-20 11:48 . 2009-11-04 08:35 -------- d-----w- c:\program files\Spyware Doctor
2009-10-20 11:48 . 2009-10-20 11:48 -------- d-----w- c:\documents and settings\Jordan\Application Data\PC Tools
2009-10-20 11:48 . 2009-10-20 11:48 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-10-20 11:48 . 2009-11-04 08:35 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-20 11:47 . 2009-10-20 11:47 -------- d-s---w- c:\documents and settings\Jordan\UserData
2009-10-20 09:08 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2009-10-20 08:47 . 2009-10-20 08:47 -------- d-----w- c:\windows\system32\scripting
2009-10-20 08:47 . 2009-10-20 08:47 -------- d-----w- c:\windows\system32\en
2009-10-20 08:47 . 2009-10-20 08:47 -------- d-----w- c:\windows\system32\bits
2009-10-20 08:47 . 2009-10-20 08:47 -------- d-----w- c:\windows\l2schemas
2009-10-18 07:16 . 2009-10-18 07:16 391 ----a-w- c:\documents and settings\NetworkService\Local Settings\Application Data\JunkAtx18.bin
2009-10-18 04:15 . 2009-08-06 09:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-10-18 04:15 . 2009-08-06 09:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-10-18 01:05 . 2009-10-18 09:29 -------- d-----w- c:\program files\Microsoft Silverlight
2009-10-18 01:05 . 2009-10-18 01:05 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-10-18 01:04 . 2009-10-18 01:04 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-10-18 01:04 . 2009-10-30 08:41 -------- d-----w- c:\documents and settings\Jordan\Tracing
2009-10-18 01:03 . 2009-10-18 01:05 -------- d-----w- c:\program files\Microsoft
2009-10-18 01:03 . 2009-10-18 01:03 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-18 00:47 . 2009-10-18 00:47 -------- d-----w- c:\program files\Common Files\Windows Live
2009-10-18 00:38 . 2009-10-18 01:05 -------- d-----w- c:\program files\Windows Live
2009-10-17 07:48 . 2009-09-23 00:41 26176 ---ha-w- c:\windows\system32\hamachi.sys
2009-10-16 07:29 . 2008-01-23 00:19 692224 ----a-w- c:\windows\system32\ANIWZCS2.dll
2009-10-16 07:29 . 2007-12-11 05:36 245760 ----a-w- c:\windows\system32\WlanApp.dll
2009-10-16 07:29 . 2007-11-21 08:36 217088 ----a-w- c:\windows\system32\aIPH.dll
2009-10-16 07:29 . 2007-10-08 09:13 262144 ----a-w- c:\windows\system32\wnicapi.dll
2009-10-16 07:29 . 2006-09-26 03:49 45115 ----a-w- c:\windows\system32\ANICtl.dll
2009-10-16 07:29 . 2005-10-26 22:55 49152 ----a-w- c:\windows\system32\JJAKEn.dll
2009-10-16 07:29 . 2005-10-19 08:19 49152 ----a-w- c:\windows\system32\AQCKGen.dll
2009-10-16 07:29 . 2005-10-19 08:19 1327189 ----a-w- c:\windows\system32\odSupp_M.dll
2009-10-16 07:28 . 2009-10-16 07:29 -------- d-----w- c:\program files\ANI
2009-10-16 07:28 . 2007-11-21 08:46 36864 ----a-w- c:\windows\system32\ANIOApi.dll
2009-10-16 07:28 . 2007-05-12 06:39 48128 ----a-w- c:\windows\system32\ANIO64.sys
2009-10-16 07:28 . 2007-05-12 06:39 28195 ----a-w- c:\windows\system32\ANIO.sys
2009-10-16 07:28 . 2007-05-12 06:39 11904 ----a-w- c:\windows\system32\anio4.sys
2009-10-16 07:28 . 2009-10-16 07:28 -------- d-----w- c:\program files\D-Link
2009-10-12 13:37 . 2008-04-14 00:09 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-10-12 13:37 . 2001-08-17 12:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-10-12 13:37 . 2001-08-17 12:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-10-12 13:37 . 2001-08-17 12:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-10-12 13:37 . 2001-08-17 12:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-10-12 13:37 . 2001-08-17 04:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-10-12 13:37 . 2001-08-17 04:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-10-12 13:37 . 2001-08-17 04:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-10-12 13:37 . 2001-08-17 04:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-10-12 13:37 . 2001-08-17 04:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-10-12 13:37 . 2001-08-17 04:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-10-12 13:31 . 2009-10-12 13:31 391 ----a-w- c:\documents and settings\Jordan\Local Settings\Application Data\JunkAtx18.bin
2009-10-11 10:56 . 2009-10-11 10:56 -------- d-----w- c:\windows\Profiles
2009-10-11 10:56 . 2009-10-11 10:57 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-11 10:56 . 2009-10-11 10:56 -------- d-----w- c:\windows\system32\Adobe
2009-10-11 10:56 . 2009-10-11 10:56 -------- d-----w- c:\documents and settings\Jordan\Application Data\InterTrust
2009-10-11 10:56 . 1998-10-29 04:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-10-08 10:08 . 2009-10-10 08:11 77415 ----a-w- c:\windows\War3Unin.dat
2009-10-08 10:08 . 2009-10-08 10:15 2829 ----a-w- c:\windows\War3Unin.pif
2009-10-08 10:08 . 2009-10-08 10:15 139264 ----a-w- c:\windows\War3Unin.exe
2009-10-08 10:05 . 2009-10-10 08:36 -------- d-----w- c:\program files\Warcraft III
2009-10-08 07:10 . 2009-10-09 12:18 -------- d-----w- c:\documents and settings\All Users\Application Data\NexonUS
2009-10-08 07:10 . 2009-10-08 07:10 -------- d-----w- C:\Nexon
2009-10-08 07:02 . 2004-08-03 12:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2009-10-07 08:31 . 2007-04-09 03:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2009-10-07 08:31 . 2009-10-07 08:31 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-10-07 08:31 . 2009-10-25 04:20 -------- d-----w- c:\windows\SHELLNEW
2009-10-07 08:30 . 2009-10-07 08:30 -------- d-----w- c:\program files\Microsoft.NET
2009-10-07 08:28 . 2009-10-07 08:28 -------- d-----r- C:\MSOCache
2009-10-07 08:03 . 2009-10-31 12:24 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-07 08:03 . 2009-10-31 12:24 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-07 08:03 . 2009-10-07 08:03 -------- d-----w- c:\program files\Real
2009-10-07 08:03 . 2009-10-31 12:25 -------- d-----w- c:\program files\Common Files\Real
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-03 12:49 . 2009-09-24 23:17 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-03 12:49 . 2009-09-24 23:16 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-31 12:59 . 2009-09-23 12:57 -------- d-----w- c:\program files\Minefield
2009-10-26 08:10 . 2009-09-23 11:39 -------- d-----w- c:\program files\Steam
2009-10-25 03:39 . 2009-10-02 07:47 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-10-21 08:26 . 2009-09-23 11:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-20 10:28 . 2009-09-23 11:16 47024 ----a-w- c:\documents and settings\Jordan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-04 09:05 . 2009-10-04 09:05 -------- d-----w- c:\program files\GameSpy Arcade
2009-10-04 09:00 . 2009-09-23 12:49 -------- d-----w- c:\program files\EA GAMES
2009-10-03 13:01 . 2009-10-03 13:01 -------- d-----w- c:\program files\MSBuild
2009-10-03 13:01 . 2009-10-03 13:01 -------- d-----w- c:\program files\Reference Assemblies
2009-10-03 12:59 . 2009-10-03 12:59 -------- d-----w- c:\program files\MSXML 6.0
2009-09-29 04:03 . 2009-09-23 22:30 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-09-27 09:54 . 2009-09-27 09:54 4 ----a-w- C:\loadcounter.dat
2009-09-27 09:43 . 2009-09-27 09:39 -------- d-----w- c:\program files\Easy Video Downloader
2009-09-27 04:53 . 2009-09-24 00:14 -------- d-----w- c:\program files\World of Warcraft
2009-09-25 05:37 . 2004-08-04 12:00 667136 ------w- c:\windows\system32\wininet.dll
2009-09-25 05:37 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-24 23:15 . 2009-09-24 23:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-24 01:39 . 2009-09-24 01:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-09-24 01:12 . 2009-09-24 01:12 -------- d-----w- c:\program files\MSECache
2009-09-24 01:10 . 2009-09-24 01:10 -------- d-----w- c:\program files\Curse
2009-09-24 00:18 . 2009-09-24 00:18 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-23 22:30 . 2009-09-23 22:30 217088 ----a-w- c:\windows\system32\UAService7.exe
2009-09-23 22:26 . 2009-09-23 22:26 -------- d-----w- c:\program files\Codemasters
2009-09-23 22:02 . 2009-09-23 22:02 -------- d-----w- c:\program files\City Interactive
2009-09-23 21:53 . 2009-09-23 21:24 767 ----a-w- c:\windows\eReg.dat
2009-09-23 21:53 . 2009-09-23 21:53 -------- d-----w- c:\program files\Byteswarm
2009-09-23 21:53 . 2009-09-23 21:53 737280 ----a-w- c:\windows\iun6002.exe
2009-09-23 12:57 . 2009-09-23 12:57 0 ----a-w- c:\windows\nsreg.dat
2009-09-23 12:39 . 2009-09-23 11:37 -------- d-----w- c:\program files\Valve
2009-09-23 11:42 . 2009-09-23 10:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-09-23 11:36 . 2009-09-23 11:36 -------- d-----w- c:\program files\BitTorrent
2009-09-23 11:30 . 2009-09-23 10:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-09-23 11:16 . 2009-09-23 11:16 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-09-23 11:16 . 2009-09-23 11:16 -------- d-----w- c:\documents and settings\Jordan\Application Data\ATI
2009-09-23 11:16 . 2009-09-23 11:16 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-23 11:15 . 2009-09-23 11:10 -------- d-----w- c:\program files\ATI Technologies
2009-09-23 11:13 . 2009-09-23 11:13 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-09-23 11:10 . 2009-09-23 10:59 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-23 11:05 . 2009-09-23 11:00 -------- d-----w- c:\program files\Realtek
2009-09-23 11:05 . 2009-09-23 11:05 -------- d-----w- c:\documents and settings\Jordan\Application Data\InstallShield
2009-09-23 10:57 . 2009-09-23 10:57 -------- d-----w- c:\program files\Intel
2009-09-23 10:50 . 2009-09-23 10:50 -------- d-----w- c:\documents and settings\Jordan\Application Data\Symantec
2009-09-23 10:35 . 2009-09-23 10:35 -------- d-----w- c:\program files\microsoft frontpage
2009-08-06 09:24 . 2004-08-04 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 09:23 . 2009-09-23 10:32 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 09:23 . 2009-09-23 10:32 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2004-08-04 12:00 . 2004-08-04 12:00 1392671 --sh--r- c:\windows\system32\msvbvm60.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-11-03_08.46.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-04 08:21 . 2009-11-04 08:21 16384 c:\windows\Temp\Perflib_Perfdata_88.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{472734EA-242A-422B-ADF8-83D1E48CC825}"= "c:\program files\Spyware Doctor\BDT\PCTBrowserDefender.dll" [2009-10-08 395216]
[HKEY_CLASSES_ROOT\clsid\{472734ea-242a-422b-adf8-83d1e48cc825}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{175B7885-28AB-4D18-8773-7A13A99980A4}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{472734EA-242A-422B-ADF8-83D1E48CC825}"= "c:\program files\Spyware Doctor\BDT\PCTBrowserDefender.dll" [2009-10-08 395216]
[HKEY_CLASSES_ROOT\clsid\{472734ea-242a-422b-adf8-83d1e48cc825}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{175B7885-28AB-4D18-8773-7A13A99980A4}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-12 2000112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"D-Link D-Link Wireless G DWA-110"="c:\program files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe" [2008-04-15 1675264]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-27 149280]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-31 198160]
"Teacher"="c:\program files\LanSchool\teacher.exe" [2009-10-26 2241840]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-17 17676288]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 05:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield Vietnam\\bfvietnam.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LanSchool\\student.exe"=
"c:\\Program Files\\LanSchool\\teacher.exe"=
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [10/20/2009 9:48 PM 207280]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [10/12/2009 9:24 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/12/2009 9:24 PM 74480]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [10/20/2009 9:56 PM 112592]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10/20/2009 9:48 PM 358600]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [10/25/2009 2:16 PM 604488]
R3 lsmirror;lsmirror;c:\windows\system32\drivers\lsmirror.sys [12/21/2007 1:33 PM 5632]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [10/12/2009 9:24 PM 7408]
S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
*Deregistered* - PCTSDInjDriver32
*Deregistered* - PROCEXP113
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-11-04 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 00:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-04 18:42
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
"Installed"="1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(888)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-11-04 18:43
ComboFix-quarantined-files.txt 2009-11-04 08:43
ComboFix2.txt 2009-11-03 08:47
Pre-Run: 108,532,957,184 bytes free
Post-Run: 108,517,191,680 bytes free





























